13:16 The Story of a burglary and the result of the department "to» | |
An attacker, sniffing, gained access to information about e-mail. Watching the correspondence, found registered to this e-mail domain, which belonged to a small company. Attempt to gain control over the website of the company accompanied by a statement to the Department "K", which was then a few months looking for the attacker, and the New Year, to carry out the plan successfully closed the deal. And now everything and more ...leakLike most such stories, this story began with the leak of information about e-mail account. Presumably, the source of the leakage has become an access point Wi-Fi in a hotel in St. Petersburg. E-mail address, information about which was the attacker belonged to a small firm in Moscow. ResearchE-mail access and monitoring of the correspondence provided the attacker further information, among which except for inside information about the company and personal information about the company director, became the domain information of the company, which was registered to the address of this email . AccessUsing system password, the attacker has access credentials to the FTP site of the company. Once you have copied all the information, the attacker has decided to create a copy of this website in order to profit from ads placed on it. Since the website has existed since 2003, the domain has already managed to accumulate enough to make a profit index citation. For theft this index, the attacker changed the company's hosted on a server file robots.txt. That this change was noted the owner of the company Web site. DetectionContact your support hosting (Web Hosting Center) received information about the access logs to a website via FTP, as proved Hosting Center keeps logs only for the last 3 months. But the information received from the logs was enough for the detection of IP-address of the attacker. Judging from the behavior of the attacker, he had not particularly extensive experience in the computer, which is comparable with the experience of the owner of the company Web site. Statement to the policeThis information formed the basis of the statements in the Moscow Police, as it turned out, the statements of this nature are accepted only at Petrovka. In a statement other than set forth above information was mentioned about the damage, which the company has received as a result of failure domain of the search engines. Accompanied by a copy of the access logs Web site hosting companies with an indication of unauthorized activity associated with copying and changing information. Some of the information is evidence of copyright. The fate of the applicationStatement by lain at Petrovka 30 days, after which the applicant was informed of the transfer application at the location hosting. After a few weeks of the application, it was forwarded to St. Petersburg at the location of IP-address of the attacker. After receipt of the application by the investigator of the local department "K" with the complainant contacted to clarify some issues and asked to fill in the form of evidence and send it by mail. Indications were dated December 22, 2010. Letter was sent on December 23 and became aware of a recent letter, 24 December 2010 the case was closed due to lack of evidence. Case closedIn the hands of the applicant has recently received a letter with information about the passport data of the attacker, the address of its registration in St. Petersburg and the number of contracts with Nevalinkom whose services enjoyed an attacker to access the Internet. Strangely, the fact remains that, immediately after the transfer of the case in St. Petersburg, a copy of the website under the domain the attacker has been changed to other content. I hope that law enforcement agencies, even seized a computer intruder, albeit for their own needs, but this certainly make sure the victim of the Moscow director of small firms, to bring the attacker to the address registered in St. Petersburg. | |
|
| |
| Total comments: 0 | |